Safelayer Secure Communications
 
 
Trust Services: a new approach incorporating PKI benefits into applications
20 November 2007

Whenever a software designer needs to incorporate security into an application and wishes to select a PKI security toolkit, there is a checklist of desirable qualities that helps in evaluating the options the market offers.

First of all, the toolkit should be complete, implementing all the required standards. A toolkit can be complete at a given time, but whenever new standards appear it becomes necessary to recompile all the applications that use it.

Companies currently use heterogeneous IT infrastructure: different operating system types and versions, as well as applications developed in several programming languages. A multi-language, multi-platform toolkit offering a uniform API is therefore a highly appreciated characteristic.

That ideal toolkit will also have to be open in order to simplify the interaction with corporate applications.

Safelayer has found a good way to fulfill all of the qualities listed above by looking into Service Oriented Architectures (SOA). SOA, by definition, provides interoperability between various software applications running on distinct platforms and operating systems. This characteristic allows the reuse of services and components within an infrastructure.

Web services, as a particular case of SOA, use a set of open standards and protocols. Protocols and data formats are text-based where possible, making them easy for developers to comprehend.

Providing uniform, multi-language, multi-platform software becomes a straightforward task: the Web services definition language (WSDL) allows the specification of a well-defined interface that can be deployed on different platforms by using off-the-shelf standard development software such as Axis or .NET.

Toolkits offer a set of atomic operations to help build the required business logic. That logic has to be extremely well defined for programmers to implement it exactly as it should be. Any small change in that logic may require rewriting pieces of code or, in an attempt to prevent that, building complicated configuration procedures.

The TrustedX proposal goes further in taking advantage of SOA by offering operations at a high level of abstraction: “sign a document”, “verify a signature on a document”, “cipher/decipher a document”, “check authentication and authorization” and so forth. The complexity that the business logic requires resides outside of the applications. That simple idea has several enormous advantages:

  • No application recompilation is needed whenever new standards appear. By simply upgrading the central part of the platform they become immediately available.
  • Business logic may change without having to type a single line of code or recompile any program.

Some voices state that Web services may offer worse performance than other distributed computing methodologies such as RMI, CORBA, or DCOM. XML was explicitly designed without regard to encoding conciseness or parsing efficiency. The XML Infoset standard (http://www.w3.org/TR/xml-infoset/) generally provides smaller encoding sizes and faster processing than a W3C XML representation. Binary representations such as SOAP MTOM (http://www.w3.org/TR/soap12-mtom/) promise to improve the wire efficiency of XML messaging.